
chore(deps): langsmith 0.6.3, qs 6.15.2, minimist 1.2.8 #12031

Merged
ruanyl merged 4 commits into
opensearch-project:mainfrom
tomkdgun:langsmith_tk
May 28, 2026

Conversation

@tomkdgun

@tomkdgun tomkdgun commented May 21, 2026

Contributor

Description

Resolves multiple security vulnerabilities in project dependencies by upgrading affected packages and cleaning up unused yarn resolutions.

CVE Details:

  1. CVE-2026-45134 (High Severity - CVSS 7.1) - commit

    • Affected Package: langsmith@0.5.26 (transitive dependency via @langchain/core)
    • Fixed Version: langsmith@0.6.0+
    • Severity: High - Prompt injection and SSRF vulnerability in LangSmith SDK
    • Issue: #11962
  2. CVE-2026-8723 (Medium Severity - CVSS 5.3) - commit

    • Affected Package: qs@6.15.0 (transitive dependency via cypress → @cypress/request)
    • Fixed Version: qs@6.15.2
    • Severity: Medium - TypeError crash when using specific stringify options
    • Issue: #12018

Dependency Paths:

  • langsmith is a transitive dependency: ai-agent-scripts → @langchain/core → langsmith
  • qs is a transitive dependency: cypress → @cypress/request → qs

Changes Made:

  1. Security Updates:

    • Upgraded langsmith from 0.5.26 to 0.6.3 via yarn resolution "**/@langchain/core/langsmith": "~0.6.0"
    • Upgraded qs from 6.15.0 to 6.15.2 via yarn resolution "**/qs": "^6.15.2"
    • Upgraded minimist from 1.2.6 to 1.2.8 via yarn resolution "**/minimist": "^1.2.8" - commit
  2. Cleanup of Unused Resolutions: - commit

    • Removed 22 obsolete yarn resolutions that are no longer needed. Keeping resolutions that are not needed might cause multiple issues, like unused dependencies or unintended use of an older dependency version (minimist was an example).
  3. Lock File Updates:

    • Updated yarn.lock to reflect new dependency versions
    • Removed unused resolution entries from lock file

Issues Resolved

closes #11962
closes #12018

Screenshot

N/A - This is a dependency security update with no UI changes.

Testing the changes

Verification Steps:

  1. Confirm build succeeds:
    yarn osd bootstrap
    Expected: Build completes successfully without errors

Check List

  • All tests pass
    • yarn test:jest
    • yarn test:jest_integration
  • New functionality includes testing.
  • New functionality has been documented.
  • Commits are signed per the DCO using --signoff

@github-actions

github-actions Bot commented May 21, 2026

Contributor

PR Code Analyzer ❗

AI-powered 'Code-Diff-Analyzer' found issues on commit 8e94daa.

| Path | Line | Severity | Description |
|---|---|---|---|
| package.json | 131 | high | Security resolution pin for 'axios' (^1.15.2) removed. Axios has multiple known CVEs including SSRF and credential leakage. Removing the forced minimum version may allow vulnerable transitive versions. |
| package.json | 134 | high | Security resolution pin for 'elliptic' (^6.6.1) removed. Elliptic is a cryptographic library with known CVEs; this was a deliberate security control now removed. |
| package.json | 148 | high | Security resolution pin for 'follow-redirects' (^1.15.4) removed. follow-redirects has CVEs for auth header leakage on cross-origin redirects. |
| package.json | 137 | high | Security resolution pin for 'cipher-base' (^1.0.5) removed. Mandatory flag: cryptographic primitive dependency change requires maintainer verification. |
| package.json | 138 | high | Security resolution pin for 'sha.js' (^2.4.12) removed. Mandatory flag: cryptographic hashing library dependency change requires maintainer verification. |
| package.json | 132 | high | Security resolution pin for 'browserify-rsa' (^4.1.1) removed. Mandatory flag: RSA cryptographic primitive dependency change requires maintainer verification. |
| package.json | 166 | high | Security resolution pin for 'xml2js' (^0.5.0) removed. xml2js has known prototype pollution CVEs; removing the forced minimum version may allow vulnerable transitive versions. |
| package.json | 157 | high | Security resolution pin for 'nanoid' (^3.3.8) removed. nanoid had CVEs related to predictable ID generation; mandatory flag for dependency pin removal. |
| package.json | 168 | high | Resolution for 'qs' updated from ^6.14.1 to ^6.15.2; yarn.lock updated from 6.15.0 to 6.15.2. Mandatory flag: dependency version change requires maintainer verification of artifact authenticity. |
| package.json | 155 | high | Security resolution pin for 'node-jose' (^2.2.0) removed. node-jose is a JOSE/JWT cryptographic library; removing its minimum-version pin is a dependency change requiring verification. |
| yarn.lock | 16196 | high | minimist updated from 1.2.6 to 1.2.8 in yarn.lock. Mandatory flag: dependency version change — maintainers must verify artifact integrity at new resolved hash. |
| package.json | 133 | high | Security resolution pins for '@babel/helpers', '@babel/runtime', '@babel/runtime-corejs3', and '@babel/traverse' (^7.27.0) all removed. Mandatory flag: multiple build-tool dependency pin removals require maintainer verification. |

The table above displays the top 10 most important findings.

Total: 12 | Critical: 0 | High: 12 | Medium: 0 | Low: 0


Pull Requests Author(s): Please update your Pull Request according to the report above.

Repository Maintainer(s): You can bypass diff analyzer by adding label skip-diff-analyzer after reviewing the changes carefully, then re-run failed actions. To re-enable the analyzer, remove the label, then re-run all actions.


⚠️ Note: The Code-Diff-Analyzer helps protect against potentially harmful code patterns. Please ensure you have thoroughly reviewed the changes beforehand.

Thanks.

@SuZhou-Joe

Member

@tomkdgun Thanks for the clean up, approved workflows to run.

@github-actions

github-actions Bot commented May 25, 2026

Contributor

✅ All unit and integration tests passing

🔗 Workflow run · commit 8e94daabdf39079fa5ddefb564eec05b4bfd0e01

SuZhou-Joe
SuZhou-Joe previously approved these changes May 27, 2026
@ruanyl ruanyl self-requested a review May 27, 2026 07:00
ruanyl
ruanyl previously approved these changes May 27, 2026
@tomkdgun

Contributor Author

@SuZhou-Joe @ruanyl Thanks for the review, looks like it's ready for merge.

tomkdgun added 4 commits May 28, 2026 05:44
Signed-off-by: Tomasz Kania <tomasz.kania@pl.ibm.com>
Signed-off-by: Tomasz Kania <tomasz.kania@pl.ibm.com>
Signed-off-by: Tomasz Kania <tomasz.kania@pl.ibm.com>
Signed-off-by: Tomasz Kania <tomasz.kania@pl.ibm.com>
@tomkdgun tomkdgun dismissed stale reviews from ruanyl and SuZhou-Joe via 8e94daa May 28, 2026 03:46
@tomkdgun

Contributor Author

@angle943 @SuZhou-Joe @ruanyl The PR was rebased after delivery of #12090 because of conflicts. Please re-start the workflows and review again.

@ruanyl ruanyl merged commit b98687f into opensearch-project:main May 28, 2026
78 of 80 checks passed
@tomkdgun tomkdgun deleted the langsmith_tk branch May 28, 2026 05:40
@ruanyl

ruanyl commented May 28, 2026

Member

PR Review: #12031 — Resolution Cleanup Safety

Summary

The PR does three things:

  1. Adds new resolutions for langsmith ~0.6.0, qs ^6.15.2, minimist ^1.2.8 (CVE fixes)
  2. Removes 22 "obsolete" resolutions
  3. Updates yarn.lock accordingly

Are the removed resolutions safe?

I verified each removed resolution against the current lockfile and upstream package state:

| Removed Resolution | CVE It Protected Against | Lockfile | Still At Risk? |
|---|---|---|---|
| axios ^1.15.2 | SSRF, credential leak (<1.7.4) | 1.15.2 | No — latest 1.x, natural ranges resolve here |
| browserify-rsa ^4.1.1 | CVE-2023-46234 (<4.1.1) | 4.1.1 | No — latest 4.x |
| @babel/* ^7.27.0 | Various (<7.27) | 7.29.x | No — latest 7.x |
| @cypress/request ^3.0.9 | SSRF (<3.0.6) | 3.0.10 | No — latest 3.x |
| cipher-base ^1.0.5 | ReDoS (<1.0.5) | 1.0.7 | No — 1.0.7 is latest ever published |
| sha.js ^2.4.12 | <2.4.12 | 2.4.12 | No — 2.4.12 is latest ever published |
| elliptic ^6.6.1 | CVE-2024-48949 (<6.6.1) | 6.6.1 | No — latest 6.x |
| eslint/cross-spawn ^7.0.5 | CVE-2024-21538 (<7.0.5) | 7.0.5 | No — latest 7.x |
| follow-redirects ^1.15.4 | CVE-2024-28849 (<1.15.4) | 1.16.0 | No — latest 1.x |
| json-schema ^0.4.0 | CVE-2021-3918 (<0.4.0) | 0.4.0 | No — only exact 0.4.0 in dep tree |
| kind-of >=6.0.3 | CVE-2019-20149 (<6.0.3) | 6.0.3 | No — latest 6.x |
| nanoid ^3.3.8 | CVE-2024-55565 (<3.3.8) | 3.3.11 | No — deps already request ^3.3.11 |
| node-jose ^2.2.0 | <2.2.0 | 2.2.0 | No — only exact 2.2.0 referenced |
| set-value ^4.1.0 | CVE-2021-23440 (<4.1.0) | 4.1.0 | No — latest 4.x |
| url ^0.11.4 | ReDoS (<0.11.4) | 0.11.4 | No — deps specify ^0.11.4 |
| xml2js ^0.5.0 | CVE-2023-0842 (<0.5.0) | 0.5.0 | No — deps specify ^0.5.0 |
| watchpack-chokidar2/chokidar ^3.5.3 | <3.5.3 | 3.6.0 | No — latest 3.x |
| hoist-non-react-statics ^3.3.2 | No CVE (other fix) | 3.3.2 | No |
| minimist ^1.2.6 | Replaced by ^1.2.8 | 1.2.8 (upgraded) | No — actually upgraded |

Verdict: Safe ✓

The resolutions are safe to remove because:

  1. The lockfile still pins all safe versions — no downgrades in the diff
  2. Natural semver resolution produces the same results — for every package, the fixed version is either the latest published version in its major range, or the dependents already specify a range that mandates the fixed version
  3. Even without the lockfile, yarn install today would resolve to the same safe versions since the fixed releases are all the latest available

Minor observations

  • The langsmith resolution change from exact 0.6.3 to ~0.6.0 is good — it allows patch-level updates while staying on the safe 0.6.x line
  • The Code-Diff-Analyzer flagged all removals as "high severity" — that's overly cautious; the bot doesn't check whether the lockfile naturally resolves to safe versions
  • CI tests are passing (unit + integration) per the bot comment

Suggestion for the PR author

The PR description should mention that these resolutions are safe to remove because the patched versions are the latest in their semver ranges, not just "no longer needed." This gives reviewers confidence about the reasoning.
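The verification ruanyl describes above (comparing each removed resolution range against the version the lockfile actually resolves) can be done mechanically rather than by hand. The following is an added example, not code from PR #12031 or from the OpenSearch Dashboards project: it parses a constructed yarn.lock v1 excerpt, evaluates resolution ranges with a small semver matcher (caret, tilde, comparison and exact ranges only; no prerelease or `||` ranges), and reports any package whose resolved versions fall outside the range being dropped, or which has no lockfile entry at all. The lockfile text, the stale `json-schema@0.2.3` entry, the `7.29.0` value for `@babel/helpers` and all helper names are constructed for this example; the ranges come from the table above.

```javascript
// Added example (not from PR #12031 or the project): check that every version a
// yarn.lock v1 file resolves still satisfies the range of a resolution that is
// being removed (or added), so a pin can be dropped without a silent downgrade.
// CONSTRUCTED_LOCK is a hand-written lockfile excerpt; the json-schema entry is
// deliberately stale so the check has something to flag.
const CONSTRUCTED_LOCK = `
# constructed yarn.lock v1 excerpt (not the project's lockfile)
axios@^1.6.0, axios@^1.7.0:
  version "1.15.2"
  resolved "https://registry.example.invalid/axios-1.15.2.tgz"

follow-redirects@^1.15.0:
  version "1.16.0"

nanoid@^3.3.11:
  version "3.3.11"

url@^0.11.4:
  version "0.11.4"

kind-of@^6.0.2:
  version "6.0.3"

"@babel/helpers@^7.27.0":
  version "7.29.0"

langsmith@~0.6.0:
  version "0.6.3"

json-schema@^0.2.3:
  version "0.2.3"
`;

// Resolution patterns in yarn's "resolutions" syntax, mapped to the range each enforced.
// hoist-non-react-statics is listed but absent from the excerpt to show that case.
const RESOLUTIONS_TO_CHECK = {
  '**/axios': '^1.15.2',
  '**/follow-redirects': '^1.15.4',
  '**/nanoid': '^3.3.8',
  '**/url': '^0.11.4',
  '**/kind-of': '>=6.0.3',
  '**/@babel/helpers': '^7.27.0',
  '**/@langchain/core/langsmith': '~0.6.0',
  '**/json-schema': '^0.4.0',
  '**/hoist-non-react-statics': '^3.3.2',
};

// Parse a yarn.lock v1 text into Map<packageName, Set<resolvedVersion>>.
function parseYarnLockV1(text) {
  const resolved = new Map();
  let currentNames = [];
  for (const line of text.split('\n')) {
    if (line.trim() === '' || line.startsWith('#')) continue;
    if (!line.startsWith(' ') && line.endsWith(':')) {
      // Entry header: comma-separated "name@range" keys, each possibly quoted.
      currentNames = line.slice(0, -1).split(',').map((key) => {
        const k = key.trim().replace(/^"|"$/g, '');
        const at = k.lastIndexOf('@'); // scoped names start with '@', so use the last one
        return at > 0 ? k.slice(0, at) : k;
      });
      continue;
    }
    const m = line.match(/^\s+version\s+"([^"]+)"/);
    if (m) {
      for (const name of new Set(currentNames)) {
        if (!resolved.has(name)) resolved.set(name, new Set());
        resolved.get(name).add(m[1]);
      }
    }
  }
  return resolved;
}

// "**/@langchain/core/langsmith" -> "langsmith", "**/@babel/helpers" -> "@babel/helpers".
function resolutionPackageName(pattern) {
  const parts = pattern.replace(/^\*\*\//, '').split('/');
  const last = parts[parts.length - 1];
  const prev = parts[parts.length - 2];
  return prev && prev.startsWith('@') ? `${prev}/${last}` : last;
}

const parseVersion = (v) => v.split(/[-+]/)[0].split('.').map(Number);

function compareVersions(a, b) {
  for (let i = 0; i < 3; i++) {
    const d = (a[i] || 0) - (b[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

// Exclusive upper bound of a caret range, following npm's rules for 0.x versions.
function caretUpperBound([major, minor, patch]) {
  if (major > 0) return [major + 1, 0, 0];
  if (minor > 0) return [0, minor + 1, 0];
  return [0, 0, patch + 1];
}

// Minimal semver matcher: ^, ~, >=, >, <=, <, = and exact versions only.
function satisfies(version, range) {
  const m = range.match(/^(>=|<=|>|<|\^|~|=)?\s*(\d\S*)$/);
  if (!m) throw new Error(`unsupported range syntax: ${range}`);
  const v = parseVersion(version);
  const base = parseVersion(m[2]);
  const cmp = compareVersions(v, base);
  switch (m[1] || '=') {
    case '^': return cmp >= 0 && compareVersions(v, caretUpperBound(base)) < 0;
    case '~': return cmp >= 0 && compareVersions(v, [base[0], base[1] + 1, 0]) < 0;
    case '>=': return cmp >= 0;
    case '>': return cmp > 0;
    case '<=': return cmp <= 0;
    case '<': return cmp < 0;
    default: return cmp === 0;
  }
}

// For each resolution, report the lockfile's resolved versions and a status:
// 'ok', 'outside-range' (a resolved version violates the range) or 'not-in-lockfile'.
function checkResolutions(lockText, resolutions) {
  const lock = parseYarnLockV1(lockText);
  return Object.entries(resolutions).map(([pattern, range]) => {
    const name = resolutionPackageName(pattern);
    const versions = [...(lock.get(name) || [])].sort();
    let status = 'ok';
    if (versions.length === 0) status = 'not-in-lockfile';
    else if (!versions.every((v) => satisfies(v, range))) status = 'outside-range';
    return { name, range, versions, status };
  });
}

// Entries a reviewer should look at before approving the removal.
function needsAttention(results) {
  return results.filter((r) => r.status !== 'ok').map((r) => `${r.name}: ${r.status}`);
}

for (const r of checkResolutions(CONSTRUCTED_LOCK, RESOLUTIONS_TO_CHECK)) {
  console.log(`${r.status.padEnd(15)} ${r.name} ${r.range} -> ${r.versions.join(', ') || '(absent)'}`);
}
```

Run against the real repository by reading `yarn.lock` from disk and the removed `resolutions` block from the old `package.json`; an `outside-range` result means the lockfile would keep an older version once the pin is gone, and `not-in-lockfile` means the resolution was already dead weight (the situation the PR description calls an unused resolution). The matcher deliberately rejects range syntax it does not understand instead of guessing, so a `||` or hyphen range surfaces as an error rather than a false "ok".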


Development

Successfully merging this pull request may close these issues.

CVE-2026-8723 (Medium) detected in qs-6.15.0.tgz
CVE-2026-45134 (High) detected in langsmith-0.5.26.tgz - autoclosed
